Developers

License

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is furnished
to do so, subject to the following conditions:

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.

Release 1.1.0 - 07/01/2010

Release 1.0.1 - 07/12/2009

Release 1.0.0 - 07/12/2009

vjGuardADPlugin

The vjGuardADPlugin packages authentification using Active Directory, proposes management of users (only from AD), groups (create on AD and on database) and permissions and Single Sign On (SSO) with NTLM or Kerberos protocol if activated.

all:
ad:
options: # theses options are usefull for the adldap class, the documentation is online
account_suffix: '@mysite.fr'
base_dn: 'DC=mysite,DC=fr'
domain_controllers: [ "myDC1.mysite.fr", "myDC2.mysite.fr" ]
ad_username: 'username_administrator_active_directory'
ad_password: 'password_administrator_active_directory'
recursive_groups: false
# if ntlm is activated, autologon with the windows username (there are some issues with the NTLM protocol, they are documented farther in this readme)
ntlm_active: true
# if kerberos is activated, autologon with the windows username
kerberos_active: true
# the name of the group authorized to acces to application
group_authorize: GROUP
# the master OU in your AD where will be create the groups
master_ou: 'OU=ENFANT2,OU=ENFANT1,OU=PARENT'
# the value is added after the name of the group
# ie : I add the group 'administrator', in AD, the group created will be 'administrator_SECURE_GROUP' but still appear as 'administrator' in your web interface
# if useless, set false
secure_group_name: _SECURE_GROUP
# an array of group not allowed to be created
# if useless, set false
group_not_allowed: [ group1, group2 ]